Job Description
Company: Eliassen Group
Location: Washington, US
Description: Hybrid, 2 Days Onsite / 3 Days Remote in Washington, DC

Our client seeks a SOC Analyst to support continuous monitoring, detection, analysis, and response to cybersecurity events across hybrid cloud and on-premises environments. The analyst will triage security alerts, investigate incidents, and ensure timely escalation and resolution aligned to incident response procedures. The role operates within a modern enterprise leveraging Splunk, Microsoft Sentinel, Microsoft Defender, and related platforms across M365 G5, cloud services, and enterprise applications. The position supports a 24x7 SOC model and partners with infrastructure, cloud, and application teams.

Due to client requirements, applicants must be willing and able to work on a W2 basis. For our W2 consultants, we offer a great benefits package that includes Medical, Dental, and Vision benefits, 401k with company matching, and life insurance.

Rate: $50.00 to $55.00/hr. W2

Responsibilities:
* Monitor security events and alerts generated by SIEM, EDR/XDR, and other security platforms.
* Perform initial triage and analysis of alerts to determine severity, impact, and required response actions.
* Identify false positives versus legitimate threats using defined use cases and threat intelligence.
* Create, update, and manage incident tickets in systems such as Jira.
* Escalate confirmed or high-risk incidents to appropriate Tier 2/3 analysts or incident response teams.
* Support containment, eradication, and recovery efforts in coordination with cybersecurity teams.
* Utilize Splunk and Microsoft Sentinel for log analysis, correlation, and event investigation.
* Assist in tuning SIEM alerts and dashboards to improve detection capabilities and reduce noise.
* Contribute to log onboarding, data normalization, and use case development.
* Analyze alerts from EDR/XDR solutions such as Microsoft Defender.
* Monitor identity-related risks across platforms including Okta, Entra ID, and Privileged Identity Management.
* Investigate suspicious authentication patterns, privilege escalations, and anomalous behavior.
* Review and support findings from vulnerability management tools such as Rapid7 InsightVM and Veracode.
* Validate and correlate vulnerabilities with active threats or incidents and coordinate remediation tracking.
* Document incident details, investigation steps, and resolution actions per security policies.
* Maintain accurate reporting within ticketing and knowledge management systems such as Jira and Confluence.
* Contribute to incident reports, after-action reviews, and audit artifacts.

Experience Requirements:
* Hands-on experience with security monitoring and alert triage.
* Experience with incident ticketing, tracking, and escalation processes.
* Proficiency with SIEM platforms such as Splunk and/or Microsoft Sentinel.
* Experience with EDR/XDR tools, including Microsoft Defender.
* Experience with security event documentation and reporting.
* Familiarity with enterprise IT environments spanning on-premises and cloud infrastructures.
* Preferred: Experience with Microsoft 365 G5, Okta, Entra ID, CyberArk, Rapid7 InsightVM, Device42, and Veracode.
* Preferred: Exposure to AWS, hybrid architectures, GRC tools such as Xacta, and enterprise platforms such as Appian or Oracle.
* Preferred: Experience working with formal incident response frameworks and playbooks.

Education Requirements:
* Bachelor's degree in Cybersecurity, Information Technology, or related field, or equivalent experience.
* Relevant certifications such as CompTIA Security+, GIAC (GSEC, GCIA, etc.), or Microsoft Security certifications.
Source: Adzuna